Moodle Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2016-2157 - Vulnerability Database

Moodle Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2016-2157

High

Reference: CVE-2016-2157

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-2157

Title: Moodle Cross-Site Request Forgery (CSRF) Vulnerability

Overview:

Cross-site request forgery (CSRF) vulnerability in mod/assign/adminmanageplugins.php in Moodle through 2.6.11 2.7.x before 2.7.13 2.8.x before 2.8.11 2.9.x before 2.9.5 and 3.0.x before 3.0.3 allows remote attackers to hijack the authentication of administrators for requests that manage Assignment plugins.